SQLServerCentral / SQL Server 2008 / SQL Server 2008 - General / How to Encrypt Database Objects in SQL Server 2008R2 / Latest Posts

SQLServerCentral / SQL Server 2008 / SQL Server 2008 - General / How to Encrypt Database Objects in SQL Server 2008R2 / Latest PostsInstantForum.NET v2.9.0SQLServerCentralhttp://www.sqlservercentral.com/Forums/notifications@sqlservercentral.comFri, 24 May 2013 23:34:02 GMT20RE: How to Encrypt Database Objects in SQL Server 2008R2http://www.sqlservercentral.com/Forums/Topic1213699-391-1.aspx[quote][b]Sagesh (10/11/2012)[/b][hr]Use WITH Encryption Keyword with all the SQL objects while installing on the production system.[/quote]As I mentioned earlier in this thread, that's not actually encryption and it's trivial to reverse.Thu, 11 Oct 2012 06:37:28 GMTGilaMonsterRE: How to Encrypt Database Objects in SQL Server 2008R2http://www.sqlservercentral.com/Forums/Topic1213699-391-1.aspxUse WITH Encryption Keyword with all the SQL objects while installing on the production system.Thu, 11 Oct 2012 06:19:44 GMTSageshRE: How to Encrypt Database Objects in SQL Server 2008R2http://www.sqlservercentral.com/Forums/Topic1213699-391-1.aspxThe DBA of a production system will have rights to see all atabase objects.If you use 'encrypted' stored procedures and functions, the DBA will not be able to view the contents of these in SSMS, but as Gail says this is just obfuscation and is trivial to reverse.If this is an in-house application then you have next to zero justification for trying to hide your database objects from the production DBA. You just make your system less reliable to operate. If this is a system that is to be sold, then normal practice is that you protect yourself with contractural agreements, not by trying to hide the internals of your system.Mon, 19 Dec 2011 10:01:27 GMTEdVassieRE: How to Encrypt Database Objects in SQL Server 2008R2http://www.sqlservercentral.com/Forums/Topic1213699-391-1.aspx[quote][b]azhar.iqbal499 (12/1/2011)[/b][hr]In case if He would be able to reach the database then He must not be able to see the code of database objects.So What security meausres should I take to acheive this goal.Thanks[/quote]anybody granted access to the database will have public access which provides the ability to view certain objects. Exactly what is it you dont want users to see?Fri, 02 Dec 2011 02:14:25 GMTPerry WhittleRE: How to Encrypt Database Objects in SQL Server 2008R2http://www.sqlservercentral.com/Forums/Topic1213699-391-1.aspx[quote][b]azhar.iqbal499 (12/1/2011)[/b][hr]Thanks.I just want to save my database from any user at live, [b]In case if He would be able to reach the database then He must not be able to see the code of database objects.[/b]So What security meausres should I take to acheive this goal.Thanks[/quote]I believe you need a proper User Access management than encryption. I would restrict a user at following levels...Server Login Level Database User Level Schema Level Object Level Object level Encryption (SP / View)Thu, 01 Dec 2011 23:46:40 GMTDevRE: How to Encrypt Database Objects in SQL Server 2008R2http://www.sqlservercentral.com/Forums/Topic1213699-391-1.aspxThanks.I just want to save my database from any user at live, In case if He would be able to reach the database then He must not be able to see the code of database objects.So What security meausres should I take to acheive this goal.ThanksThu, 01 Dec 2011 22:08:42 GMTazhar.iqbal499RE: How to Encrypt Database Objects in SQL Server 2008R2http://www.sqlservercentral.com/Forums/Topic1213699-391-1.aspx[quote][b]anthony.green (12/1/2011)[/b][hr]i think the question is, how do you get the padlock on objects like some 3rd parties do, one example is LiteSpeed, where the properties of the object show as Encrypted and you cannot right click and modify the object via SSMS or by doing a sp_helptext on the object[/quote]Just bear in mind that is not encryption. It's nothing more than a bit of obfuscation and extra checks by SQL. It's trivial to reverse.Thu, 01 Dec 2011 07:24:22 GMTGilaMonsterRE: How to Encrypt Database Objects in SQL Server 2008R2http://www.sqlservercentral.com/Forums/Topic1213699-391-1.aspx[quote][b]azhar.iqbal499 (12/1/2011)[/b][hr]I have created TDE from sa user and I logged in with another user with same rights. But all DB objects were looking unencrypted. [/quote]Yes, because TDE is encryption of the database file to prevent people from attaching it on other servers. Nothing whatsoever to do with the objects in the DB.Thu, 01 Dec 2011 07:21:24 GMTGilaMonsterRE: How to Encrypt Database Objects in SQL Server 2008R2http://www.sqlservercentral.com/Forums/Topic1213699-391-1.aspxi think the question is, how do you get the padlock on objects like some 3rd parties do, one example is LiteSpeed, where the properties of the object show as Encrypted and you cannot right click and modify the object via SSMS or by doing a sp_helptext on the objectThu, 01 Dec 2011 02:02:23 GMTanthony.greenRE: How to Encrypt Database Objects in SQL Server 2008R2http://www.sqlservercentral.com/Forums/Topic1213699-391-1.aspxI have created TDE from sa user and I logged in with another user with same rights. But all DB objects were looking unencrypted. My Question is that When this database would be uploaded at Liver Server then how it would be protected from attacks. Should I use other users for this? I want to test these scenarios at dev environment before shift it to Live.I think you understand my Question.Thanks for reply.Thu, 01 Dec 2011 00:54:37 GMTazhar.iqbal499RE: How to Encrypt Database Objects in SQL Server 2008R2http://www.sqlservercentral.com/Forums/Topic1213699-391-1.aspx[quote][b]azhar.iqbal499 (12/1/2011)[/b][hr]I have implemented TDE at Database. I want to test the TDE. What is the procedure of this. Should I create new user for this or should I take backup to test.Please help[/quote]TDE will not prevent valid users from altering the objects.So creating new user is not required.Yes, backup/restore test you should do.Thu, 01 Dec 2011 00:20:03 GMTSuresh B.RE: How to Encrypt Database Objects in SQL Server 2008R2http://www.sqlservercentral.com/Forums/Topic1213699-391-1.aspxI have implemented TDE at Database. I want to test the TDE. What is the procedure of this. Should I create new user for this or should I take backup to test.Please helpThu, 01 Dec 2011 00:06:41 GMTazhar.iqbal499RE: How to Encrypt Database Objects in SQL Server 2008R2http://www.sqlservercentral.com/Forums/Topic1213699-391-1.aspx[quote][b]azhar.iqbal499 (11/30/2011)[/b][hr]I want this to avoid any changes in the objets in Live Environment.[/quote]You have to consider permissions also. Grant minimum permission to the users.By revokeing ALTER permission, you can avoid changes.Wed, 30 Nov 2011 22:22:56 GMTSuresh B.RE: How to Encrypt Database Objects in SQL Server 2008R2http://www.sqlservercentral.com/Forums/Topic1213699-391-1.aspxI am recommending a lengthy but good article below. It will help you narrow down the term Encryption (for database / column etc.)[b]Database Encryption in SQL Server 2008 Enterprise Edition[/b][url]http://msdn.microsoft.com/en-us/library/cc278098(v=SQL.100).aspx[/url]Wed, 30 Nov 2011 00:41:00 GMTDevHow to Encrypt Database Objects in SQL Server 2008R2http://www.sqlservercentral.com/Forums/Topic1213699-391-1.aspxI am using SQL Server 2008R2, I want to encrypt all database objects before sending these to Production.I want this to avoid any changes in the objets in Live Environment.What is the best way to do this and what are the pros and cons of this.Thanks.Azhar IqbalWed, 30 Nov 2011 00:24:56 GMTazhar.iqbal499